Here is some food for thought for you. A free program called Trillian, which you can find from http://www.download.com, connects to MSN through dedicated, configurable ports. This disables the need for H.323 protocol by not including the extended functionality that MSN brings in the form of Netmeeting and Voice chat. As the thread has stated, MSN uses the SIP in WinXP, but that is not an issue for you. If you could get your client stations to install Trillian instead of MSN, you can simply block one port in your firewall (that you configured with the install of Trillian) from selected client IP's, you should be golden.
Give it a shot. Best of luck, Bejon -----Original Message----- From: Nil Fiat [mailto:[EMAIL PROTECTED]] Sent: Friday, March 01, 2002 8:36 AM To: [EMAIL PROTECTED] Subject: RE: More on MSN Messenger, AIM and other chat programs? Hey yo. Me=branch sysadmin for a company that thinks "security" is a savings & loan term. My system=WAN-connected w/ firewall, server & service-based virusscanning, all sorts of Windoze and every patch I can find. My problem: Messengers. They're against company policy, so for a while I just uninstalled them every time I saw them. That upset the office politic, so I had to stop. Now they're "technically" contraban, but everybody has them anyway. What's worse, the people who successfully complained enough got permission to keep theirs (usually the "But I need to chat with my kids all day!" line). I've been looking for a way to get rid of them and reading this thread with great interest, because until recently I figured if could find a simple way to prevent them from working on our nw, the company would let me do it. Now, though, I have to allow at least one or two instances of MSN messenger to run...Is there any way under the sun that I could keep all messengers from running *except* the ones my oh-so security-and-productivity-conscious employers have decided to allow? (I know it's easy on the NT boxes, but most of them are 98.) Also, if I'm forced to just allow them all, is there anything I can do to mitigate the security/stupidity risk these things pose in the hands of, um, certain users? Danke peeps. Sara T. "It is the triumph of the human that he can know a thing and still not believe it." --John Steinbeck, _East Of Eden_ ________________________________________________________________ Get your own evilemail.com address at http://www.evilemail.com
